Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/EyGqTLXc2ydWjyvhkkiyqi8ArhA.roa
File:                     EyGqTLXc2ydWjyvhkkiyqi8ArhA.roa (raw, json)
Hash identifier:          5jWUC0nXWyuda/cqZ0Ox9ZX+hgjP+DWd/QWyV6ItBf4=
Subject key identifier:   13:21:AA:4C:B5:DC:DB:27:56:8F:2B:E1:92:48:B2:AA:2F:00:AE:10
Certificate issuer:       /CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Certificate serial:       018CC801567BAF769930011DF2A6BC0CE364
Authority key identifier: 81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/EyGqTLXc2ydWjyvhkkiyqi8ArhA.roa
Signing time:             Tue 02 Jan 2024 02:29:40 +0000
ROA not before:           Tue 02 Jan 2024 02:29:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211250
IP address blocks:        195.64.229.0/24 maxlen: 24
                          195.64.239.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/gfpI9AvIRUDEa9I76bkIl6oYT00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/gfpI9AvIRUDEa9I76bkIl6oYT00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:56:7b:af:76:99:30:01:1d:f2:a6:bc:0c:e3:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
        Validity
            Not Before: Jan  2 02:29:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1321aa4cb5dcdb27568f2be19248b2aa2f00ae10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:b8:95:cc:7e:2f:1c:eb:09:7e:8a:57:2a:98:
                    cb:61:22:fd:85:d7:55:d2:8f:25:c1:d6:74:ff:ad:
                    c4:0c:e0:d0:8f:27:1b:74:1f:6f:da:a3:56:54:2f:
                    b3:b1:11:48:c6:ed:62:b0:eb:17:6d:0d:7d:68:f4:
                    da:e6:03:a0:f0:b9:45:3f:21:b7:c3:f9:cf:9d:62:
                    8c:24:5b:65:57:6f:b6:13:a7:c0:41:c8:cb:9f:ca:
                    95:26:e4:71:8c:b1:10:77:d6:af:b0:e8:11:e8:5a:
                    3a:03:78:be:80:42:6b:5a:11:99:6e:86:f8:6b:20:
                    7c:90:e9:09:fe:49:0c:a3:ec:df:06:fb:7c:e1:e8:
                    28:80:74:f4:a1:e8:f0:7a:c7:c3:3c:de:86:9a:21:
                    3c:94:ce:35:e3:d6:b5:ae:c6:24:81:d8:a4:6e:47:
                    8b:f7:31:d9:38:85:c9:62:f1:79:65:70:af:2b:9b:
                    2c:13:06:bd:ee:ad:b3:33:b3:73:db:0d:a9:69:2e:
                    36:c5:6b:42:c3:7c:35:7e:28:d0:25:fc:07:2f:5f:
                    ac:d7:83:9c:02:d9:61:30:0b:71:8c:41:67:3e:14:
                    ef:b9:94:b6:9b:76:7a:46:57:8e:58:11:38:db:2c:
                    68:83:9a:5a:6b:9d:bc:9a:7e:62:0f:51:e6:41:bc:
                    ed:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:21:AA:4C:B5:DC:DB:27:56:8F:2B:E1:92:48:B2:AA:2F:00:AE:10
            X509v3 Authority Key Identifier:
                keyid:81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/EyGqTLXc2ydWjyvhkkiyqi8ArhA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/gfpI9AvIRUDEa9I76bkIl6oYT00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.64.229.0/24
                  195.64.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:99:dd:32:62:ff:4f:b0:b5:bc:06:86:b8:48:38:43:a0:cc:
         3f:0f:38:d4:af:b4:72:c4:15:5b:a5:e7:c8:a5:81:9e:62:6f:
         b6:42:5e:f7:cf:2e:9e:45:0e:29:b8:bc:d4:99:9e:e6:ab:83:
         8e:2b:98:8e:e1:bd:6e:0d:fa:d4:44:fa:ed:82:27:0b:84:4b:
         92:95:34:d1:e9:4b:c7:5d:02:29:60:ad:0a:7d:f0:28:97:02:
         53:f6:72:da:fc:31:be:1b:3f:fc:90:42:12:2c:cb:af:3a:ba:
         42:10:76:04:bd:b0:92:d1:30:ad:dd:41:42:52:9c:d6:83:0a:
         9d:ce:0c:b3:70:42:e0:ef:bc:e3:73:bb:98:67:58:94:4e:d5:
         47:5d:96:b0:4c:6c:f3:3f:fc:97:06:70:ba:56:6f:bc:c8:34:
         89:7c:d4:68:cd:4f:05:a7:06:34:17:60:64:2b:63:b4:00:23:
         35:13:71:72:62:c2:93:2d:19:bc:cf:36:f3:c3:94:d8:d2:ae:
         35:49:d9:fe:d6:b8:a3:86:30:9a:1d:6b:b4:f0:66:16:88:86:
         63:23:66:93:b6:c8:11:b4:ac:54:cb:a6:f7:02:59:9d:e1:3d:
         52:12:14:40:fd:f5:d5:56:62:73:09:72:fb:51:45:61:10:18:
         df:a5:58:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAVZ7r3aZMAEd8qa8DONkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZmE0OGY0MGJjODQ1NDBjNDZiZDIzYmU5YjkwODk3YWEx
ODRmNGQwHhcNMjQwMTAyMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzIxYWE0Y2I1ZGNkYjI3NTY4ZjJiZTE5MjQ4YjJhYTJmMDBhZTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLiVzH4vHOsJfopXKpjLYSL9hddV
0o8lwdZ0/63EDODQjycbdB9v2qNWVC+zsRFIxu1isOsXbQ19aPTa5gOg8LlFPyG3
w/nPnWKMJFtlV2+2E6fAQcjLn8qVJuRxjLEQd9avsOgR6Fo6A3i+gEJrWhGZbob4
ayB8kOkJ/kkMo+zfBvt84egogHT0oejwesfDPN6GmiE8lM4149a1rsYkgdikbkeL
9zHZOIXJYvF5ZXCvK5ssEwa97q2zM7Nz2w2paS42xWtCw3w1fijQJfwHL1+s14Oc
AtlhMAtxjEFnPhTvuZS2m3Z6RleOWBE42yxog5paa528mn5iD1HmQbztwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBMhqky13NsnVo8r4ZJIsqovAK4QMB8GA1UdIwQY
MBaAFIH6SPQLyEVAxGvSO+m5CJeqGE9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEt
OGU5M2NiNWM1MzU1LzEvRXlHcVRMWGMyeWRXanl2aGtraXlxaThBcmhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEtOGU5M2NiNWM1MzU1
LzEvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw0DlAwQA
w0DvMA0GCSqGSIb3DQEBCwUAA4IBAQBSmd0yYv9PsLW8Boa4SDhDoMw/DzjUr7Ry
xBVbpefIpYGeYm+2Ql73zy6eRQ4puLzUmZ7mq4OOK5iO4b1uDfrURPrtgicLhEuS
lTTR6UvHXQIpYK0KffAolwJT9nLa/DG+Gz/8kEISLMuvOrpCEHYEvbCS0TCt3UFC
UpzWgwqdzgyzcELg77zjc7uYZ1iUTtVHXZawTGzzP/yXBnC6Vm+8yDSJfNRozU8F
pwY0F2BkK2O0ACM1E3FyYsKTLRm8zzbzw5TY0q41Sdn+1rijhjCaHWu08GYWiIZj
I2aTtsgRtKxUy6b3Almd4T1SEhRA/fXVVmJzCXL7UUVhEBjfpVie
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:02:39 2024 by rpki-client on console-fra.rpki-client.org